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DETAILED ACTION 

Response to Amendment 

1 . In response to communications filed on 12/08/2008, the Examiner acknowledges 
the amendments made to the claims and have both considered and applied them to the 
claims. 

Claims 1-14, 16-38, 40-62, 64-86 and 88-96 are presented for examination. 

Response to Remarks/Arguments 

2. Applicant's remarks/arguments with respect to the rejection of claims 1-14, 16- 
38, 40-62, 64-86 and 88-96 have been fully considered but they are not persuasive. 
However before addressing the arguments presented by the Applicant the Examiner 
provides a Non-Final Rejection of the claims due to the typographical error that resulted 
in the patent application publication number of the primary reference of record being 
omitted from the previous office action. In light of the omission, a Non-Final Rejection is 
here provided so as to allow the Applicant due time to consider the references of record 
and prepare a response in view of these references. 

Specification 

3. The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: the claimed "apparatus" of claims 73-96 is not supported by 
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the disclosure of the Specification of record submitted 03/19/2004, as no mention of an 
apparatus is provided in the Specification. 



Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



Claims 1 . 2. 25. 26. 49. 50. 73 and 74 are rejected under 35 U.S.C. 102(e) as 
being disclosed by Deo et al. (US Patent Application Publication No. 
200501 71 983 A1 hereinafter Deo). 



Regarding claims 1 , Deo, discloses a smart card for communication with an 

electronic device, comprising: 

• a memory, on said smart card (Figure 1 and paragraph 0019 - "volatile 
rewritable memory in the form of RAM (Random Access Memory) 106, a 
ROM (Read Only Memory) 108, and an persistent read/write memory 
such as EEPROM (Electrically Erasable Programmable ROM) 110"), 
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• storing therein (1 ) an application program (0020 - "nonresident 
applications 116, which execute external to the smart card (e.g. programs 
on kiosks, point-of-purchase machines, etc.), may also place function calls 
with the operating system 1 14 to perform tasks or manipulate data on the 
smart card"); 

• (2) a security manager (0008 - "file system initially determines whether 
the application is authorized to gain access to the data file. If it is, the file 
system next determines whether the data file resides in volatile memory or 
nonvolatile memory. Once the memory region is identified, the file system 
identifies the physical location of the data file" the disclosed file system is 
here equated to the claimed "security manager"); and 

• (3) a capabilities list associated with said application program, said 
capabilities list including information regarding whether access to one or 
more resources for use by said application program is permitted wherein 
said capabilities list and said application program constitute a load 
package received by said smart card (0023 - "[access control list] (ACL) 
controls access to the associated file, thereby permitting only authorized 
applications to gain access to and perform file operations on the volatile 
files" the disclosed access control lists is equated to the claimed 
"capabilities list"); and 

• a processing unit, on said smart card (Figure 1 and paragraph 0019 - "a 
CPU processor 104"), for executing said application program and said 
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security manager, wherein upon said processing unit executing said 
application and said security manager, and when said executing 
application requests access to at least one of said one or more resources 
(0020 - "operating system 1 14 exposes a set of application program 
interfaces (APIs) that enable resident applications 1 12 to perform tasks 
and manipulate data on the smart card")., said executing security manager 
selectively grants access to said at least one of said one or more 
resources for use by said executing application program based at least in 
part on said information in said capabilities list (0020 - "nonresident 
applications 116, which execute external to the smart card (e.g. programs 
on kiosks, point-of-purchase machines, etc.), may also place function calls 
with the operating system 1 14 to perform tasks or manipulate data on the 
smart card"). 



Claim 25 is rejected under the same rationale as claim 1 . 
Claim 49 is rejected under the same rationale as claim 1 . 
Claim 73 is rejected under the same rationale as claim 1 . 



Regarding claims 2 , Deo, discloses the smart card of claim 1 wherein said one or 
more resources comprise at least one of data and functions (0020 - "operating 
system 114 exposes a set of application program interfaces (APIs) that enable 
resident applications 1 12 to perform tasks and manipulate data on the smart 
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card"). 



Claim 26 is rejected under the same rationale as claim 2. 
Claim 50 is rejected under the same rationale as claim 2. 
Claim 74 is rejected under the same rationale as claim 2. 



Regarding claims 3 , Deo, discloses the smart card of claim 1 wherein said one or 
more resources comprise one or more resources external to said smart card 
(0020 - "nonresident applications 116, which execute external to the smart card 
(e.g. programs on kiosks, point-of-purchase machines, etc.), may also place 
function calls with the operating system 1 14 to perform tasks or manipulate data 
on the smart card"). 



Claim 27 is rejected under the same rationale as claim 3. 
Claim 51 is rejected under the same rationale as claim 3. 
Claim 75 is rejected under the same rationale as claim 3. 



Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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Claims 4-7, 28-31 , 52-55 and 76-79 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Deo et al. (US Patent No. 6839843 A1 hereinafter Deo) 
and further in view of Wilkinson et al. (US Patent No. 6,308,317 hereinafter 
Wilkinson). 

Regarding claims 4 , Deo, is silent in at least one of: terminal side resources and 
channels of a communications network, however Wilkinson does provide such a 
disclosure (Figure 1 and 7:66-67 and 8:1-4 - "terminal 14 prepares and 
downloads Java applications to the integrated circuit card 10 using the terminal 
communicator 12b. The terminal communicator 12 b is a communications device 
capable of establishing a communications channel between the integrated circuit 
card 10 and terminal 14" and 8:15-19 -"terminals can be automated teller 
machines (ATMs), point-of-sale terminals, door security systems, toll payment 
systems, access control systems, or any other system that communicates with 
an integrated circuit card or microcontroller"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the smart card subsystem 
of Deo with the integrated circuit Wilkinson, as both Deo and Wilkinson 
disclose use of a smart card in executing applications/application 
requests, however Wilkinson describes in detail the interpretation of an 
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application written in high level programming language into the low level 
language used in the execution of applications by the smart card, whereas 
Deo does not disclose such details. Wilkinson provides motivation in the 
disclosure of 3:37-46,-which recites "a need to load new applications on 
the card that do not have the explicit knowledge of the other providers, but 
without the possibility of compromising the security of the card" and 3:60- 
63, which recites that "applications may be downloaded to a smart card 
without compromising the security of the smart card. These applications 
may be provided by different companies loaded at different times using 
different terminals." 



Claim 28 is rejected under the same rationale as claim 4. 
Claim 52 is rejected under the same rationale as claim 4. 
Claim 76 is rejected under the same rationale as claim 4. 



Regarding claims 5 , Deo, discloses the smart card of claim 1 wherein said one or 
more resources comprise one or more resources owned by at least one of said 
application program and another entity (0020 - "nonresident applications 116, 
which execute external to the smart card (e.g. programs on kiosks, point-of- 
purchase machines, etc.), may also place function calls with the operating 
system 1 14 to perform tasks or manipulate data on the smart card"). 
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Claim 29 is rejected under the same rationale as claim 5 
Claim 53 is rejected under the same rationale as claim 5 
Claim 77 is rejected under the same rationale as claim 5 

Regarding claims 6, 30, 54 and 78 , Deo, discloses the smart card of claim 5 
wherein said other entity comprise at least one of: an operating system of said 
smart card and another application program (0020 - "operating system 114 
exposes a set of application program interfaces (APIs) that enable resident 
applications 1 12 to perform tasks and manipulate data on the smart card"). 

Claim 30 is rejected under the same rationale as claim 6 
Claim 54 is rejected under the same rationale as claim 6 
Claim 78 is rejected under the same rationale as claim 6 

Regarding claims 7 , Deo, discloses smart card of claim 1 wherein said 
capabilities list comprises information regarding at least one of: access rights; 
and information required for access to a resource (0023 - "[access control list] 
(ACL) controls access to the associated file, thereby permitting only authorized 
applications to gain access to and perform file operations on the volatile files" the 
disclosed access control lists is equated to the claimed capabilities list"). 

Claim 31 is rejected under the same rationale as claim 7. 
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Claim 55 is rejected under the same rationale as claim 7. 
Claim 79 is rejected under the same rationale as claim 7 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 8-14, 16-24, 32-38. 40-47. 56-62. 64-72 and 80-86 and 88-96 are 
rejected under 35 U.S.C. 103(a) as being unpatentable over Deo et al. (US 
Patent No. 6839843 A1 hereinafter Deo) in view of Wilkinson et al. (US Patent 
No. 6,308,31 7 hereinafter Wilkinson) and further in view of Exton et al. (US 
Patent No. 6,910,041 B2 hereinafter Exton) 

Regarding claims 8 , Deo, is silent in disclosing the smart card of claim 1 wherein 
said memory stores a first capabilities list and a second capabilities list, said first 
capabilities list comprising a handle to link to said second capabilities list, 
however Exton does provide such a disclosure (7:60-66 - "defining a first set of 
permissions [is the] first access control list" and 8:19-22 - "second access control 
list controls access ... based on second set of permissions"). 
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It would have been obvious at the time of the invention to have been 
motivated to combine the invention of Deo and Wilkinson with the invention of 
Exton. The motivation for such a combination is provided by Exton in the 
recitation, "most administration models today revolve around defining a role for a 
particular administrator and then associating a number of tasks that a person 
with that role is permitted to perform ... it would be advantageous to provide an 
improved administration model in which the permission sets are not predefined." 

Claim 32 is rejected under the same rationale as claim 8. 
Claim 56 is rejected under the same rationale as claim 8. 
Claim 80 is rejected under the same rationale as claim 8. 

Regarding claims 9 , Deo, discloses the smart card of claim 8 wherein said 
second capabilities list is associated with one or more of other application 
programs, however Exton does provide such as disclosure (8:19-22 - "second 
access control list controls access ... based on second set of permissions"). 

The rationale and motivation for this obviousness type rejection is the 
same as in claims 8, 33, 56 and 80. 

Regarding claims 10 . Deo, discloses the smart card of claim 1 wherein said 
application program is for requesting access to a resource (0008 - "an 
application requests access to a data file"). 
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Claim 34 is rejected under the same rationale as claim 10. 
Claim 58 is rejected under the same rationale as claim 10. 
Claim 82 is rejected under the same rationale as claim 10. 

Regarding claims 11 . Deo, discloses the smart card of claim 1 wherein said 
application program is for transmitting a resource access request to a security 
manager and said security manager is for transmitting a verify request to a 
verification program to examine said capabilities list to determine whether said 
application program is authorized to access said resource, and for performing or 
denying said requested action based at least in part on said examination (0008 - 
"file system initially determines whether the application is authorized to gain 
access to the data file. If it is, the file system next determines whether the data 
file resides in volatile memory or nonvolatile memory. Once the memory region 
is identified, the file system identifies the physical location of the data file" the 
disclosed file system is here equated to the claimed "security manager"). 

Claim 35 is rejected under the same rationale as claim 1 1 . 
Claim 59 is rejected under the same rationale as claim 1 1 . 
Claim 83 is rejected under the same rationale as claim 1 1 . 
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Regarding claims 12 , Deo, discloses the smart card of claim 1 1 wherein said 
security manager comprises an application program interface (API) (0008 - "file 
system exposes a set of application program interfaces (APIs) to allow 
applications to access the data files"). 

Claim 36 is rejected under the same rationale as claim 12. 
Claim 60 is rejected under the same rationale as claim 12. 
Claim 84 is rejected under the same rationale as claim 12. 

Regarding claim 13 , Deo, discloses the smart card of claim 1 1 wherein said 
security manager is for obtaining information regarding said requesting 
application program through one of inquiring at a context originating the resource 
access request and a parameter provided with said resource access request 
(0034 and 0039). 

Claim 37 is rejected under the same rationale as claim 13. 
Claim 61 is rejected under the same rationale as claim 13. 
Claim 85 is rejected under the same rationale as claim 13. 



Regarding claim 14 . Deo, discloses the smart card of claim 1 , further comprising 
input/output means for receiving said capabilities list from at least one of a 
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provider of said application program and an owner of said one or more resources 
(0023). 

Claim 38 is rejected under the same rationale as claim 14. 
Claim 62 is rejected under the same rationale as claim 14. 
Claim 86 is rejected under the same rationale as claim 14. 

Regarding claims 16 , Deo, discloses the smart card of claim 1 wherein said 
device is configured to modify said capabilities list based at least in part on a 
subsequently received capabilities update list associated with said application 
program (0027). 

Claim 40 is rejected under the same rationale as claim 16. 
Claim 64 is rejected under the same rationale as claim 16. 
Claim 88 is rejected under the same rationale as claim 16. 

Regarding claims 17 , Deo, is silent in disclosing the smart card of claim 1 
wherein said device is configured to delete said capabilities list or link and access 
rights upon receiving an instruction to delete said application program from the 
outside (0027 and 0029). 

Claim 41 is rejected under the same rationale as claim 17. 
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Claim 65 is rejected under the same rationale as claim 17. 
Claim 89 is rejected under the same rationale as claim 17. 



Regarding claims 18-20, 42-44, 66-68 and 90-92 , Deo, is silent in disclosing the 
smart card of claim 1 wherein said capabilities list is encrypted/cryptographically 
signed by at least one of a provider of said application program and an owner of 
said one or more resources and said processor is configured to decrypt/ 
cryptographically authenticate said capabilities list, however Wilkinson does 
provide such a disclosure (16:20-35). 

The rationale and motivation for this obviousness type rejection is the 
same as in claims 4, 28, 52 and 76. 



Regarding claims 21 , 45, 69 and 93 , Deo, is silent in disclosing a processor 
further configured to cryptographically authenticate said capabilities list when 
said capabilities list is accessed, said capabilities list being successfully 
authenticated if a first fingerprint computed over said capabilities list upon storing 
capabilities list matches a second fingerprint computed over said capabilities list 
in response to a run-time request to use said capabilities list, however Wilkinson 
does provide such a disclosure (16:20-35). 

The rationale and motivation for this obviousness type rejection is the 
same as in claims 4, 28, 52 and 76. The claimed "fingerprint" is the 
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encrypted/cryptographically signed access control list/capabilities list disclosed 
by Wilkinson. 

Regarding claims 22 , Deo, discloses the smart card of claim 1 wherein said 
application program comprises a plurality of modules (0056 and Table 1). 

Claim 45 is rejected under the same rationale as claim 22. 

Claim 70 is rejected under the same rationale as claim 22. 

Claim 94 is rejected under the same rationale as claim 22. 

Regarding claims 23, 46, 71. 95 , Deo, is silent in disclosing the smart card of 

claim 1 wherein said application program comprises a Java application program 

or a Java Card.TM. applet, however Wilkinson does provide such a disclosure 

(8:20-23). 

The rationale and motivation for such obviousness type rejection is the 
same as in claims 4, 28, 52 and 76. 

Regarding claims 24, 47, 72, 96 , Deo, is silent in disclosing the smart card of 
claim 1 wherein said capabilities list is embodied in a tag-length-value (TLV) 
structure, however Wilkinson does provide such a disclosure (8:24-39). 

The rationale and motivation for such obviousness type rejection is the 
same as in claims 4, 28, 52 and 76. 
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Conclusion 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHINWENDU C. OKORONKWO whose telephone 
number is (571 )272-2662. The examiner can normally be reached on MWF 2:30 - 6:00, 
TR 9:00-3:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/C. C. O.l 

Examiner, Art Unit 2436 



/Nasser G Moazzami/ 
Supervisory Patent Examiner, Art 
Unit 2436 



